Stfean_Iordache

A Linux worm first spotted in November has joined the growing ranks of malware mining for crypto-currency. The worm is called Darlloz. Late last year, Symantec reported that the worm was spreading via a known vulnerability in PHP that was patched in 2012. "The worm targets computers running Intel x86 architectures," blogged Symantec researcher Kaoru Hayashi. "Not only that, but the worm also focuses on devices running the ARM, MIPS and PowerPC architectures, which are usually found on routers and set-top boxes. Since the initial discovery of Linux.Darlloz, we have found a new variant of the worm in mid-January. According to our analysis, the author of the worm continuously updates the code and adds new features, particularly focusing on making money with the worm." The most recent update includes functionality that installs 'cpuminer' and begins mining for Mincoins or Dogecoins, which are similar to bitcoins. The main reason for this is Mincoin and Dogecoin use the scrypt algorithm, which can still successfully mine on home PCs, whereas bitcoin requires custom ASIC chips to be profitable, the researcher explained. "By the end of February 2014, the attacker mined 42,438 Dogecoins (approximately US$46 at the time of writing) and 282 Mincoins (approximately US$150 at the time of writing)," Hayashi blogged. "These amounts are relatively low for the average cybercrime activity so, we expect the attacker to continue to evolve their threat for increased monetization." While the initial version of Darlloz has nine combinations of usernames and passwords for routers and set-top boxes, the latest version comes armed with 13 of these login credential combinations - including ones that work for IP cameras. Once a device is infected, the malware starts a HTTP Web server on port 58455 in order to spread. The server hosts worm files and lets anyone download files through this port by using a HTTP GET request, the researcher explained. "The Internet of Things is all about connected devices of all types," Hayashi blogged. "While many users may ensure that their computers are secure from attack, users may not realize that their IoT (Internet of Things) devices need to be protected too. Unlike regular computers, a lot of IoT devices ship with a default user name and password and many users may not have changed these. As a result, the use of default user names and passwords is one of the top attack vectors against IoT devices. Many of these devices also contain unpatched vulnerabilities users are unaware of. While this particular threat focuses on computers, routers, set-top boxes and IP cameras, the worm could be updated to target other IoT devices in the future, such as home automation devices and wearable technology." The worm also includes functionality to block other malware to keep other attackers from controlling an infected device. So far, Symantec has identified more than 31,000 unique IP addresses as being infected. Thirty-eight percent appear to be IoT devices such as routers, IP cameras and printers. Five regions of the world that account for half of the Darlloz infections are China, South Korea, Taiwan, India and the United States. "Consumers may not realize that their IoT devices could be infected with malware," blogged Hayashi. "As a result, this worm managed to compromise 31,000 computers and IoT devices in four months and it is still spreading. We expect that the malware author will continue to update this worm with new features as the technology landscape changes over time. Symantec will continue to keep an eye on this threat." Sursa : Linux Worm Turns Focus to Digital Dollars | SecurityWeek.Com

mersi am adaugat pe toata lumea lunea asta incep sa sterg din paginile mai vechi

Da . Cam asta e businessul . Cumperi ieftin vinzi mai scump . ON : 10 cupoane de cate 50$ fiecare le dai cu 45 in total ? De asemenea merg folosite unul dupa altul ? Adica cu 45$ eu imi bag in facebook 500$ ?

Security researchers have uncovered a total of 22 vulnerabilities affecting the custom Java Virtual Machine (JVM) implementation used in Oracle Database. The issues affecting Oracle JVM (Aurora VM) were reported to Oracle last week by Poland-based security research company Security Explorations, which has been working on this project for the past four months. Adam Gowdiak, the company's CEO and founder, told SecurityWeek that Oracle indirectly confirmed on Tuesday the existence of six of the flaws, which have been fixed in the main codeline and are scheduled for a future Critical Patch Update (CPU). The rest of the flaws have been assigned a status of "under investigation / being fixed in main codeline." Update: As of Friday, June 27, Security Explorations told SecurityWeek that Oracle has confirmed 20 of the 22 reported vulnerabilities. The vulnerabilities can be leveraged by an attacker for privilege escalation and to execute arbitrary Java code on an affected Oracle Database server. "A malicious user with a bare minimum privilege required to connect and login to Oracle Database (with 'CREATE SESSION' privilege only) can successfully compromise the security of the software that according to Oracle's CEO 'hasn't been broken into for a couple of decades by anybody' and that is 'so secure, there are people that complain'," Gowdiak explained. "By escaping the Java VM security sandbox of Oracle Database, one can easily gain database admin privileges in it. Java based exploits make such a privilege elevation in particular simple," he added. "Java security vulnerabilities can have a devastating effect not only for desktop users (Java Plugin in the browser), but also for cloud and database environments." The vulnerabilities are caused by flaws in the Java Reflection API, which has been responsible for a lot of Java SE security issues in 2012 and 2013, the expert told SecurityWeek. "It's been almost 2 years since Java Reflection API issues were brought to the public attention. Regardless of that, simple instances of these issues are still present in Oracle products other than Java SE," Gowdiak said. Security Explorations has successfully reproduced the exploits on Oracle Database 11g Release 2 (11.2.0.1.0) for Microsoft Windows x64, Oracle Database 11g Release 2 (11.2.0.4.5) Patch Bundle 18590877 for Microsoft Windows x64, Oracle Database 12c Release 1 (12.1.0.1.0) for Microsoft Windows x64 and Oracle Database 12c Release 1 (12.1.0.1.9) Bundle Patch 18724015 for Microsoft Windows x64. Sursa : 22 Vulnerabilities Found in Oracle Database Java VM Implementation | SecurityWeek.Com

Da , dar sunt si dezavantaje . Se renunta practic la anonimitate complet , ceea ce intr-o tara democrata nu ar trebui sa fie ok .

Salut . In primul rand vezi ca e 5000 coins - 1$ iar dintr-un click faci pana in 9 coins . In al doilea rand nu mai face posturi din astea ca mai mult faci reclama negativa . Daca vrei sa iti faci referrals atunci pune in semnatura un banner cum am pus si eu .

vplus sucks au abandonat treaba de mult timp , dar eu caut ceva gen vplus/voyo/netflix doar sa aiba toate serialele si complete .... nu veniti cu dughene de site-uri cu 50 popuri si sa astept juma de ora sa ma prind care e reclama si care e playerul adevarat....

haaha asta ar merge poate daca aveti proxyuri private din alea de 1$ bucata altfel cu cele scrapeuite o sa va ceara din prima captcha daca vreti sa faceti ceva bun luati api-ul de la deathbycaptcha si bagati-l in bot (au dll gata facut).

Un backtrack cu design mai dragut , sau care e diferenta ?

Mai da o data linkul . Nu am putut adauga pe toata lumea deoarece unii deja aveau linkul in sistem si nu poate fii adaugat de pe 2 conturi . Same .

Ce nu merge ?

Buna seara . Care este cel mai bun site de seriale subtitrate (in romana/engleza) ? Nu ma deranjeaza sa fie platit , dar sa nu fie serialepenet.ro (nu vreau sa fac ordin de plata , iar codurile de la gecko au expirat) . Site-ul daca e cu plata sa accepte paypal eventual . Sa nu fie cu 500 popupuri/reclame/ads and shit si sa nu fie serialele uploadate pe kkt de servere unde stau 50 de min sa mi se incarce primele 5 min .

E in beta in curand il lansez . Cat despre ceilalti v-am adaugat

Da . Daca maine ar pica facebook permanent afacerea mea nu ar mai avea rost

Pai ma baga in faliment astia . Daca nu isi revin in careva minute o sa ajung la sub 100 de users online pana la amiaza .

da lazlo flud cu coailii

Doamne-ajuta . ON : Asteapta macar cateva luni sa faci inainte sa iti pui problema de vip

Foarte interesant articolul , dar in mare ii priveste exclusiv pe americani ... De ce ne-ar interesa pe noi ca americanii sunt spionati de serviciul de spionaj american .

V-am adaugat pe toti , va rog veniti cu cat mai multe pagini sa le adaug pe like-ex deoarece maine seara lansam un bot ce va face automat puncte dand like la pagini si imi e frica ca 45k de pagini nu ajung haideti cat mai multe !! Botul face vreo 6-7 exchanges pe minute asta vine cam 700 de coins la 20 de minute , iar noi platim cu 1$ per 5k coins

haha ultimele 2 cred ca sunt fabulatii sau din filme sf

Oricum mie mi se par foarte prosti cei de la addmefast deoarece interzic botii pe acelasi principiu cu interzicere prostitu?iei. Toata lumea o face si e imposibil sa o opresti definitiv, dar in schimb daca ai legaliza-o toata lumea ar avea de castigat.

Salut . Vin cu un tool pe care eu l-am gasit foarte folositor : sales thread: Pinblaster.com https://www.dropbox.com/s/l3w8y89truz1lvw/Pinblaster-1.74-Crackedby-Hotcrack.rar .

Salut . Costa pana in 15$ un articol scris bine . Nu trebuie sa stai sa scrii tu sa ti se acreasca . Faci blogurile , cumperi backlinkuri de calitate , cumperi articole , le postezi periodic si gata . Nu am zis niciodata ca e simplu , dar tu nu trebuie sa ai cunostiinte extrem de vaste in aceste domenii deoarece absolut toate uneltele pentru a face aceasta retea sunt valabile online (la un pret bineinteles) , e treaba ta ca antreprenor sa le gasesti si sa iti calculezi investitia si profitul .

Sa mori tu ? Asa se scot cei mai multi bani din adsense . Iti faci o retea de bloguri nisate si le rankezi pe keywordul principal sau trimiti traffic pe ele de pe pinterest/facebook/alte bloguri . *nisate = un site specializat pe o nisa exacta si bine platita de exemplu : loans (imprumuturi) , asigurari , trading etc . Blogurile pe aceste nise ce au adsense pe ele primesc pana in 150$/k de vizualizari in timp ce site-uri pe nise de divertisment (tip 9gag) ajung la un maximum de 5$/k . Tu iti poti face o retea de astfel de bloguri si gen faci partea intai a unui articol (poti plati experti sa iti faca articole) pe un blog si pui link catre continuuare pe alt blog ce are aceeasi nisa (pe care de asemenea este adsense) si asa te joci cu traficul facandu-ti o retea de bloguri . Dar e important sa le rankezi si sa ai continut unic mai intai sau sa aduci traffic din alte surse .

Puteti vedea aici cam cate ati primit . Inca accept O sa mai trimit la toti cateva si dupa o sa le opresc cred , oricum si la 100 backlinkuri de site tot ajuta la ceva .